Advanced Persistent Infrastructure (API) Threats

Jan 30, 2019

Infrastructure attacks might rank low on the priority list of security staff, who are more worried about data theft, hacking, cybercrime, DDoS and more. While they focus on those, another type of attack vector slips under the radar: Advanced Persistent Infrastructure (API).

Advanced Persistent Infrastructure (API) is not to be confused with the more familiar expansion of the acronym, Application Programming Interface, which is a set of protocols, routines, functions and/or commands that programmers use to develop software or facilitate interaction between distinct systems.

Threats cannot be viewed in silos. There is always correlating information that acts as a precursor to the attacks. The only difference is that we have limited our security perspectives, ignoring patterns that the intruders have used in the past. Intruders usually have limited bandwidth with respect to time, resources and money unless they are part of a large crime organization. They aren’t looking to attack using new servers every time.

This is quite similar to the recycling threats scenario, where hackers exploited the vulnerabilities of an already discovered or publicised threat and manipulated the code to introduce a new variant of the threat. The difference is that here they will reuse existing IPs and domain names across multiple attacks.

The evolution of the Apache Struts vulnerability is a good example of how threat actors use advanced persistent infrastructure as an attack vector. In 2014, there were initial reports of exploits against the Struts vulnerability. In early 2017, new exploits were discovered in a Struts 2 vulnerability. Security analysts noticed the two exploits followed a very distinct pattern.

A couple of interesting observations were made:

Tactics May Change but IPs Don’t. Unless they are members of a big crime organization, most hackers don’t have the resources to buy new IP addresses and domains every time. Hence, when an IP address comes online we should know exactly what it is tied to and its history.

Hackers act on the slow response. The reality is that when a new zero-day exploit is reported, organizations are slow to patch. Capitalizing on the slow response, the hackers act quickly to make use of the exploit. They simply retool their favorite form of malware, and then use the infrastructure they already have in place, like IPs and domains, to launch the new attacks.

How to recognize an infrastructure breach?

Organizations must recognize how these IP addresses and domains are reused, which allows them to predict what threat may be coming.

Look at the activity history. That will give an idea about what to look out for.

Whenever a new version or variant of a known malware is identified, monitor old IPs and domains that directly correlate for new activity.
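The monitoring step described above, as an added example that is not from the original article: when a new variant of a known family is reported, replay outbound logs against the IPs and domains historically tied to that family. The indicator history, campaign labels and log format are constructed for illustration, using documentation address ranges and example domains.

```python
import ipaddress
from collections import defaultdict

# Constructed history: (indicator, campaign it was tied to in past reports).
HISTORY = [
    ("198.51.100.23", "struts-2014"),
    ("203.0.113.0/28", "struts-2014"),
    ("updates.example.net", "struts-2014"),
    ("192.0.2.77", "unrelated-spam"),
]

# Constructed proxy log: timestamp, internal source, destination, path.
LOGS = """\
2019-01-12T03:14:07Z 10.1.4.20 203.0.113.9 /index.action
2019-01-12T03:15:44Z 10.1.4.20 cdn.updates.example.net /a.bin
2019-01-12T04:02:10Z 10.1.7.3 192.0.2.77 /mail
2019-01-12T04:05:00Z 10.1.7.3 www.example.org /
"""

def build_index(history):
    """Split indicators into IP networks and a domain -> campaigns map."""
    nets, domains = [], defaultdict(set)
    for indicator, campaign in history:
        try:
            nets.append((ipaddress.ip_network(indicator, strict=False), campaign))
        except ValueError:  # not an IP or CIDR, so treat it as a domain
            domains[indicator.lower().rstrip(".")].add(campaign)
    return nets, domains

def campaigns_for(dest, nets, domains):
    """Return every past campaign the destination's infrastructure was tied to."""
    try:
        addr = ipaddress.ip_address(dest)
    except ValueError:
        labels = dest.lower().rstrip(".").split(".")
        # Match the host itself and each parent domain (subdomain reuse).
        return set().union(*(domains.get(".".join(labels[i:]), set())
                             for i in range(len(labels))))
    return {campaign for net, campaign in nets if addr in net}

def reuse_hits(log_text, history, watch_campaign):
    """List (timestamp, source, destination) for traffic to infrastructure
    previously tied to watch_campaign."""
    nets, domains = build_index(history)
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4 and watch_campaign in campaigns_for(parts[2], nets, domains):
            hits.append(tuple(parts[:3]))
    return hits
```

Keying the history on campaign rather than on a flat blocklist is what lets a new variant report trigger a targeted search: only traffic to infrastructure with a matching past is surfaced.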

According to data that companies submitted to research analysts, a look back at historical report data on their vulnerabilities showed that the IP addresses used with the original attacks can still be used with the new threats.

Perimeter security alone is not enough to prevent an infrastructure breach. By understanding how hackers reuse infrastructure, companies have a better idea of the areas of the network to target when investigating a new threat, especially when it is a reiteration of an old malware.

GAVS’ Managed Security Services gives your IT enterprise the ability to simplify security management, thereby minimizing risks, protecting critical information, and effectively reducing the cost and complexity of your security infrastructure. With an end-to-end suite of fully managed services, the security services give a consolidated view of your security environment. Effective management, cost-effectiveness and seamless monitoring are the major drivers fueling the demand for these services.